Tailscale & Remote Access¶
The attack box is the only host you should reach directly from your workstation. Everything else stays on the isolated lab bridge.
Access Pattern¶
First-Time Setup¶
From the Proxmox host:
Then connect from your workstation to the attack box with the returned Tailscale IP.
SSH Shortcuts¶
attack-box/provision.sh installs aliases for all four targets:
Typical Session¶
ssh labadmin@<tailscale-ip>
./aipostex discover network --target 172.16.50.10,172.16.50.20,172.16.50.30,172.16.50.40
./aipostex mcp analyze --config ~/lab/mcp-configs/claude_desktop_config.json
./aipostex mcp --transport stdio --stdio-command python3 --stdio-args ~/lab/stdio-mcp-server.py enum
Troubleshooting¶
- If Tailscale is down:
sudo systemctl restart tailscaled && sudo tailscale up - If target SSH fails: verify the VM is up and
verify-lab.shpasses from the attack box - If host keys changed after a rebuild: the lab SSH config already disables strict checking for these aliases